(57) ABSTRACT

A server system provides a client system with a number of
on-line services including a log-in service. Once the server
receives a request from the user for initiating access to the
server, the log-in service accesses a user database for
information including access privileges of the authorized user in
relation to the other services available on the server. The
server then generates an information packet containing this
information, and transmits the information packet to the
client. The client then transmits a second request to the
server requesting use of another service offered by the
server. The information packet provided by the server in
response to the log-in request is transmitted along with the
second request to the server. The server then regulates access
by the client to this other service by using the information
packet transmitted back to the server from the client. Thus,
access to the user database is minimized.
METHOD OF USING ELECTRONIC
TICKETS CONTAINING PRIVILEGES FOR 
IMPROVED SECURITY 

RELATED APPLICATION 

This application is a continuation of U.S. application Ser.
No. 09/342,861, filed Jun. 29, 1999, entitled, "Method of
Using Electronic Tickets Containing Privileges for
Improved Security," now U.S. Pat. No. 6,311,207 which is
a divisional of U.S. application Ser. No. 08/656,924 entitled
"Method of Transcoding Documents in a Network
Environment Using a Proxy Server", filed Jun. 3, 1996, now U.S.
Pat. No. 5,918,013 which is incorporated herein by
reference.

BACKGROUND OF THE INVENTION 

1. The Field of the Invention 

The present invention pertains to the field of client-server
computer networking. More particularly, the present
invention relates to a method of using electronic tickets containing
privileges for improved security.

2. The Prior State of the Art 

The number of people using personal computers has 
increased substantially in recent years, and along with this 
increase has come an explosion in the use of the Internet. 
One particular aspect of the Internet which has gained 
widespread use is the World-Wide Web ("the Web"). The 
Web is a collection of formatted hypertext pages located on 
numerous computers around the world that are logically 
connected by the Internet. Advances in network technology 
and software providing user interfaces to the Web ("Web 
browsers") have made the Web accessible to a large segment 
of the population. However, despite the growth in the 
development and use of the Web, many people are still 
unable to take advantage of this important resource. 

Access to the Web has been limited thus far mostly to 
people who have access to a personal computer. However, 
many people cannot afford the cost of even a relatively 
inexpensive personal computer, while others are either 
unable or unwilling to learn the basic computer skills that are 
required to access the Web. Furthermore, Web browsers in 
the prior art generally do not provide the degree of
user-friendliness desired by some people, and many computer
novices do not have the patience to learn how to use the 
software. Therefore, it would be desirable to provide an 
inexpensive means by which a person can access the Web 
without the use of a personal computer. In particular, it 
would be desirable for a person to be able to access the Web 
pages using an ordinary television set and a remote control, 
so that the person feels more as if he or she is simply 
changing television channels, rather than utilizing a complex 
computer network. 

Prior art Web technology also has other significant
limitations which can make a person's experience unpleasant
when browsing the Web. Web documents are commonly 
written in HTML (Hypertext Mark-up Language). HTML 
documents sometimes contain bugs (errors) or have features 
that are not recognized by certain Web browsers. These bugs 
or quirks in a document can cause a Web browser to fail. 
Thus, what is needed is a means for reducing the frequency 
with which client systems fail due to bugs or quirks in 
HTML documents. 

Another problem associated with browsing the Web is
latency. People commonly experience long, frustrating
delays when browsing the Web. It is not unusual for a person
to have to wait minutes after selecting a hypertext link for a
Web page to be completely downloaded to his computer and
displayed on his computer screen. There are many possible
causes for latency, such as heavy communications traffic on
the Internet and slow response of remote servers. Latency
can also be caused by Web pages including images. One
reason for this effect is that, when an HTML document
references an image, it takes time to retrieve the image itself
after the referencing document has been retrieved. Another
reason is that, in the prior art, if the referencing document
does not specify the size of the image, the client system
generally cannot display the Web page until the image itself
has been retrieved. Numerous other sources of latency exist
with respect to the Web. Therefore, what is needed is a
means for reducing such latency, to eliminate some of the
frustration which typically has been associated with
browsing the Web.

Security is another concern associated with the Internet.
Internet service providers (ISPs) generally maintain certain
information about each customer in a database. This
information may include information which a customer may not
wish to become publicly known, such as social security
numbers and credit card numbers. Maintaining the
confidentiality of this information in a system that is connected to
an expensive publicly-accessible computer network like the
Internet can be problematic. Further, the problem can be
aggravated by the fact that an ISP often provides numerous
different services, each of which has access to this database.
Allowing access to the database by many different entities
creates many opportunities for security breaches to occur.
Therefore, what is needed is a way to improve the security
of confidential customer information in a server system
coupled to the Internet.

SUMMARY AND OBJECTS OF THE
INVENTION

According to the present invention, a server is coupled to
a client, the client having an authorized user. The server
provides the client with a number of on-line services
including a log-in service. The other services might include, for
example, e-mail. The server also has a user database
containing information about each user including the authorized
user that is associated with the client.

The present invention has the advantage of improved
security because only the log-in service has access to the
user database. Once the server receives the request from the
user for initiating access to the server, the log-in service
obtains information from the user database. This
information includes access privileges of the authorized user in
relation to the other services available on the server. The
server then generates an information packet containing this
information, and transmits the information packet to the
client.

After the client logs into the server and receives the
information packet, the client transmits another request to
the server. This request is for requesting use of another
service offered by the server other than the log-in service.
The information packet provided by the server in response
to the log-in request is transmitted along with the second
request to the server. The server then regulates access by the
client to this other service by using the information packet
transmitted back to the server from the client.

Note that the second service does not need to re-access the
user database to determine whether the client should be
granted access to the second service. Instead, the second
service determines the access privileges of the client by
reading the information packet provided by the client to the
second service without resorting to a direct access of the user
database. Thus, the only time when the user database is
directly accessed is during the initial log-in procedure. Thus,
the number of direct accesses of the user database is reduced
compared to the database accessing of the prior art server
systems in which each service of the server directly accesses
the database. Furthermore, only the log-in service needs to
have access to the user database. By minimizing the number
of services that have access to the user database, the risk of
security breaches of the user database is likewise minimized.
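
The log-in and ticket flow described above, as an added example that is not code from the patent: the log-in service is the only object that touches the user database, and a second service decides access from the ticket alone. The HMAC tag, the expiry field and every name used (`LoginService`, `authorize`, `TICKET_KEY`, the sample user) are assumptions added for illustration; the text above specifies only that the packet carries the user's access privileges.

```python
import base64
import hashlib
import hmac
import json
import os
import time

# Assumption: a secret shared by the server's services, never sent to clients.
TICKET_KEY = os.urandom(32)
TICKET_TTL = 900  # assumption: a ticket is honoured for 15 minutes


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _tag(payload: bytes) -> bytes:
    return hmac.new(TICKET_KEY, payload, hashlib.sha256).digest()


class LoginService:
    """The only component that holds a reference to the user database."""

    def __init__(self):
        salt = os.urandom(16)
        # Constructed sample record, not data from the page.
        self._user_db = {
            "alice": {"salt": salt, "pw": _pw_hash("correct horse", salt),
                      "privileges": ["mail"]},
        }
        self.db_reads = 0  # counts direct database accesses

    def log_in(self, user, password, now=None):
        """Check credentials once and return a ticket, or None on failure."""
        self.db_reads += 1
        rec = self._user_db.get(user)
        if rec is None or not hmac.compare_digest(
                rec["pw"], _pw_hash(password, rec["salt"])):
            return None
        now = time.time() if now is None else now
        claims = {"user": user, "privileges": rec["privileges"],
                  "exp": int(now) + TICKET_TTL}
        payload = json.dumps(claims, sort_keys=True).encode()
        return _b64(payload) + "." + _b64(_tag(payload))


def read_ticket(ticket, now=None):
    """Return the claims if the ticket is authentic and unexpired, else None.

    Uses only the ticket and the shared key; the user database is not touched.
    """
    try:
        p64, t64 = ticket.split(".")
        payload = base64.urlsafe_b64decode(p64)
        tag = base64.urlsafe_b64decode(t64)
    except (ValueError, AttributeError):
        return None
    if not hmac.compare_digest(tag, _tag(payload)):
        return None  # payload was altered after the log-in service issued it
    claims = json.loads(payload)
    now = time.time() if now is None else now
    if claims["exp"] <= now:
        return None
    return claims


def authorize(service, ticket, now=None):
    """What a second service (e.g. e-mail) runs on each request."""
    claims = read_ticket(ticket, now)
    return claims is not None and service in claims["privileges"]


def tampered_copy(ticket, extra_privilege):
    """Negative test input: edit the privilege list but keep the old tag."""
    p64, t64 = ticket.split(".")
    claims = json.loads(base64.urlsafe_b64decode(p64))
    claims["privileges"].append(extra_privilege)
    return _b64(json.dumps(claims, sort_keys=True).encode()) + "." + t64


if __name__ == "__main__":
    login = LoginService()
    ticket = login.log_in("alice", "correct horse")
    print("mail allowed:", authorize("mail", ticket))
    print("chat allowed:", authorize("chat", ticket))
    print("edited ticket accepted:",
          authorize("chat", tampered_copy(ticket, "chat")))
    print("database reads:", login.db_reads)
```

Because the ticket travels through the client, the second service can rely on the privilege list only if the client cannot alter it undetected; the tag check in `read_ticket` is what enforces that in this sketch.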

Other features of the present invention will be apparent 
from the accompanying drawings and from the detailed 
description which follow. 

BRIEF DESCRIPTION OF THE DRAWINGS 

In order that the manner in which the above-recited and 
other advantages and objects of the invention are obtained, 
a more particular description of the invention briefly 
described above will be rendered by reference to specific 
embodiments thereof which are illustrated in the appended 
drawings. Understanding that these drawings depict only 
typical embodiments of the invention and are not therefore 
to be considered limiting of its scope, the invention will be 
described and explained with additional specificity and 
detail through the use of the accompanying drawings in 
which: 

FIG. 1 illustrates several clients connected to a proxying 
server in a network; 

FIG. 2 illustrates a client according to the present
invention;

FIG. 3 is a block diagram of a server according to the 
present invention; 

FIG. 4A illustrates a server including a proxy cache and 
a transcoder; 

FIG. 4B illustrates databases used in a server according to 
the present invention; 

FIG. 5 is a flow diagram illustrating a routine for 
transcoding a document retrieved from a remote server using 
data stored in a persistent database; 

FIG. 6 is a flow diagram illustrating a routine for 
transcoding an HTML document for purposes of eliminating 
bugs or undesirable features; 

FIG. 7 is a flow diagram illustrating a routine for reducing 
latency when downloading a document referencing an image 
to a client; 

FIG. 8 is a flow diagram illustrating a routine for updating 
documents stored in the proxy cache using data stored in a 
persistent database; 

FIG. 9 is a flow diagram illustrating a routine used by a 
server for retrieving documents from another remote server; 

FIG. 10 is a block diagram of a prior art server system 
showing a relationship between various services and a 
database; 

FIG. 11 is a block diagram of a server system according
to the present invention showing a relationship between 
various services and a user database; and 

FIG. 12 is a flow diagram illustrating a routine used by a 
server for regulating access to various services provided by 
the server. 

DETAILED DESCRIPTION OF THE 
PREFERRED EMBODIMENTS

A method and apparatus are described for providing
electronic tickets containing access privileges for improved
security. In the following description, for purposes of
explanation, numerous specific details are set forth in order
to provide a thorough understanding of the present
invention. It will be evident, however, to one skilled in the art that
the present invention may be practiced without these specific
details. In other instances, well-known structures and
devices are shown in block diagram form in order to avoid
unnecessarily obscuring the present invention.

The present invention includes various steps, which will
be described below. The steps can be embodied in
machine-executable instructions, which can be used to cause a
general-purpose or special-purpose processor programmed
with the instructions to perform the steps. Alternatively, the
steps of the present invention might be performed by
specific hardware components that contain hardwired logic for
performing the steps, or by any combination of programmed
computer components and custom hardware components.

I. System Overview 

The present invention is included in a system, known as
WebTV™, for providing a user with access to the Internet.
A user of a WebTV™ client generally accesses a WebTV™
server via a direct-dial telephone (POTS, for "plain old
telephone service"), ISDN (Integrated Services Digital
Network), or other similar connection, in order to browse the
Web, send and receive electronic mail (e-mail), and use
various other WebTV™ network services. The WebTV™
network services are provided by WebTV™ servers using
software residing within the WebTV™ servers in
conjunction with software residing within a WebTV™ client.

FIG. 1 illustrates a basic configuration of the WebTV™
network according to one embodiment. A number of
WebTV™ clients 1 are coupled to a modem pool 2 via
direct-dial, bi-directional data connections 29, which may be
telephone (POTS, i.e., "plain old telephone service"), ISDN
(Integrated Services Digital Network), or any other similar
type of connection. The modem pool 2 is coupled typically
through a router, such as that conventionally known in the
art, to a number of remote servers 4 via a conventional
network infrastructure 3, such as the Internet. The WebTV™
system also includes a WebTV™ server 5, which
specifically supports the WebTV™ clients 1. The WebTV™ clients
1 each have a connection to the WebTV™ server 5 either
directly or through the modem pool 2 and the Internet 3.
Note that the modem pool 2 is a conventional modem pool,
such as those found today throughout the world providing
access to the Internet and private networks.

Note that in this description, in order to facilitate
explanation the WebTV™ server 5 is generally discussed as if it
were a single device, and functions provided by the
WebTV™ services are generally discussed as being
performed by such single device. However, the WebTV™
server 5 may actually comprise multiple physical and logical
devices connected in a distributed architecture, and the
various functions discussed below which are provided by the
WebTV™ services may actually be distributed among
multiple WebTV™ server devices.

II. Client System 

FIG. 2 illustrates a WebTV™ client 1. The WebTV™ 
client 1 includes an electronics unit 10 (hereinafter referred 
to as "the WebTV™ box 10"), an ordinary television set 12, 
and a remote control 11. In an alternative embodiment of the 
present invention, the WebTV™ box 10 is built into the
television set 12 as an integral unit. The WebTV™ box 10 
includes hardware and software for providing the user with 



06/05/2003, EAST Version: 1.03.0002 



US 6,505,232 B1


a graphical user interface, by which the user can access the
WebTV™ network services, browse the Web, send e-mail,
and otherwise access the Internet.

The WebTV™ client 1 uses the television set 12 as a
display device. The WebTV™ box 10 is coupled to the
television set 12 by a video link 6. The video link 6 is an RF
(radio frequency), S-video, composite video or other
equivalent form of video link. In the preferred embodiment,
the client 1 includes both a standard modem and an ISDN
modem, such that the communication link 29 between the
WebTV™ box 10 and the server 5 can be either a telephone
(POTS) connection 29a or an ISDN connection 29b. The
WebTV™ box 10 receives power through a power line 7.

Remote control 11 is operated by the user in order to
control the WebTV™ client 1 in browsing the Web, sending
e-mail, and performing other Internet-related functions. The
WebTV™ box 10 receives commands from remote control
11 via an infrared (IR) communication link. In alternative
embodiments, the link between the remote control 11 and the
WebTV™ box 10 may be RF or any equivalent mode of
transmission.

III. Server System

The WebTV™ server 5 generally includes one or more
computer systems generally having the architecture
illustrated in FIG. 3. It should be noted that the illustrated
architecture is only exemplary; the present invention is not
constrained to this particular architecture. The illustrated
architecture includes a central processing unit (CPU) 50,
random access memory (RAM) 51, read-only memory
(ROM) 52, a mass storage device 53, a modem 54, a network
interface card (NIC) 55, and various other input/output (I/O)
devices 56. Mass storage device 53 includes a magnetic,
optical, or other equivalent storage medium. I/O devices 56
may include any or all of devices such as a display monitor,
keyboard, cursor control device, etc. Modem 54 is used to
communicate data to and from remote servers 4 via the
Internet.

As noted above, the WebTV™ server 5 may actually
comprise multiple physical and logical devices connected in
a distributed architecture. Accordingly, NIC 55 is used to
provide data communication with other devices that are part
of the WebTV™ services. Modem 54 may also be used to
communicate with other devices that are part of the
WebTV™ services and which are not located in close
geographic proximity to the illustrated device.

The WebTV™ server 5 acts as a proxy in providing the
WebTV™ client 1 with access to the Web and other
WebTV™ services. More specifically, WebTV™ server 5
functions as a "caching proxy." FIG. 4A illustrates the
caching feature of the WebTV™ server 5. In FIG. 4A, the
WebTV™ server 5 is functionally located between the
WebTV™ client 1 and the Internet infrastructure 3. The
WebTV™ server 5 includes a proxy cache 65 which is
functionally coupled to the WebTV™ client 1. The proxy
cache 65 is used for temporary storage of Web documents,
images, and other information which is frequently used by
either the WebTV™ client 1 or the WebTV™ server 5.

A document transcoder 66 is functionally coupled
between the proxy cache 65 and the Internet infrastructure 3.
The document transcoder 66 includes software which is used
to automatically revise the code of Web documents retrieved
from the remote servers 4, for purposes which are described
below.

The WebTV™ service provides a document database
61 and a user database 62, as illustrated in FIG. 4B. The user
database 62 contains information that is used to control
certain features relating to access privileges and capabilities
of the user of the client 1. This information is used to
regulate initial access to the WebTV™ service, as well as to
regulate access to the individual services provided by the
[...]. The document database 61 is a persistent database which
stores diagnostic and historical information about each
document and image retrieved by the server 5, as is now
described.

A. Document Database

The basic purpose of the document database 61 is that,
after a document has once been retrieved by the server 5, the
stored information can be used by the server 5 to speed up
processing and downloading of that document in response to
all future requests for that document. In addition, the
transcoding functions and various other functions of the
WebTV™ service are facilitated by making use of the
information stored in the document database 61, as will be
described below.

Referring now to FIG. 5, the server 5 initially receives a
document request from a client 1 (step 501). The document
request will generally result from the user of the client 1
activating a hypertext anchor (link) on a Web page. The act
of activating a hypertext anchor may consist of clicking on
underlined text in a displayed Web page using a mouse, for
example. The document request will typically (but not
always) include the URL (Uniform Resource Locator) or
other address of the selected anchor. Upon receiving the
document request, the server 5 optionally accesses the
document database 61 to retrieve stored information relating
to the requested document (step 502). It should be noted that
the document database 61 is not necessarily accessed in
every case. The information retrieved from the document
database 61 is used by the server 5 for determining, among
other things, how long a requested document has been
cached and/or whether the document is still valid. The
criteria for determining validity of the stored document are
discussed below. The server 5 retrieves the document from
the cache 65 if the stored document is valid; otherwise, the
server 5 retrieves the document from the appropriate remote
server 4 (step 503). The server 5 automatically transcodes
the document as necessary based on the information stored
in the document database 61 (step 503). The transcoding
functions are discussed further below.

The document database 61 includes certain historical and
diagnostic information for every Web page that is accessed
at any time by a WebTV™ client 1. As is well known, a Web
page may correspond to a document written in a language
such as HTML (Hypertext Mark-Up Language), VRML
(Virtual Reality Modelling Language), or another suitable
language. Alternatively, a Web page may represent an
image, or a document which references one or more images.
According to the present invention, once a document or
image is retrieved by the WebTV™ server 5 from a remote
server 4 for the first time, detailed information on this
document or image is stored permanently in the document
database 61. More specifically, for every Web page that is
retrieved from a remote server 4, any or all of the following
data are stored in the document database 61:

1) information identifying bugs (errors) or quirks in the
Web page, or undesirable effects caused when the Web
page is displayed by a client 1;

2) relevant bug-finding algorithms;

3) the date and time the Web page was last retrieved;

4) the date and time the Web page was most recently
altered by the author;

5) a checksum for determining whether the Web page has
been altered;

6) the size of the Web page (in terms of memory);

7) the type of Web page (e.g., HTML document, image,
etc.);

8) a list of hypertext anchors (links) in the Web page and
corresponding URLs;

9) a list of the most popular anchors based on the number
of "hits" (requests from a client 1);

10) a list of related Web pages which can be prefetched;

11) whether the Web page has been redirected to another
remote server 4;

12) a redirect address (if appropriate);

13) whether the redirect (if any) is temporary or
permanent, and if permanent, the duration of the redirect;

14) if the Web page is an image, the size of the image in
terms of both physical dimensions and memory space;

15) the sizes of in-line images (images displayed in text)
referenced by the document defining the Web page;

16) the size of the largest image referenced by the
document;

17) information identifying any image maps in the Web
page;

18) whether to resize any images corresponding to the
[...];

19) an indication of any forms or tables in the Web page;

20) any unknown protocols;

21) any links to "dead" Web pages (i.e., pages which are
no longer active);

22) the latency and throughput of the remote server 4 on
which the Web page is located;

23) the character set of the document;

24) the vendor of the remote server 4 on which the Web
page is located;

25) the geographic location of the remote server 4 on
which the Web page is located;

26) the number of other Web pages which reference the
subject Web page;

27) the compression algorithm used by the image or
document;

28) the compression algorithm chosen by the transcoder;

29) a value indicating the popularity of the Web page
based on the number of hits by clients; and

30) a value indicating the popularity of other Web pages
which reference the subject Web page.

B. Transcoding

As mentioned above, the WebTV™ services provide a
transcoder 66, which is used to rewrite certain portions of
the code in an HTML document for various purposes. These
purposes include: (1) correcting bugs in documents; (2)
correcting undesirable effects which occur when a document
is displayed by the client 1; (3) improving the efficiency of
transmission of documents from the server 5 to the client 1;
(4) matching hardware decompression technology within
the client 1; (5) resizing images to fit on the television set 12;
(6) converting documents into other formats to provide
compatibility; (7) reducing latency experienced by a client 1
when displaying a Web page with in-line images (images
displayed in text); and, (8) altering documents to fit into
smaller memory spaces.

There are three transcoding modes used by the transcoder
66: (1) streaming, (2) buffered, and (3) deferred. Streaming
transcoding refers to the transcoding of documents on a
line-by-line basis as they are retrieved from a remote server
4 and downloaded to the client 1 (i.e., transcoding "on the
fly"). Some documents, however, must first be buffered in
the WebTV™ server 5 before transcoding and downloading
them to the client 1. A document may need to be buffered
before transmitting it to the client 1 if the type of changes to
be made can only be made after the entire document has
been retrieved from the remote server 4. Because the process
of retrieving and downloading a document to the client 1
increases latency and decreases throughput, it is not
desirable to buffer all documents. Therefore, the transcoder 66
accesses and uses information in the document database 61
relating to the requested document to first determine whether
the requested document must be buffered for purposes of
transcoding, before the document is retrieved from the
remote server 4.

In the deferred mode, transcoding is deferred until after a
requested document has been downloaded to a client 1. The
deferred mode therefore reduces latency experienced by the
client 1 in receiving the document. Transcoding may be
performed immediately after downloading or any time
thereafter. For example, it may be convenient to perform
transcoding during periods of low usage of WebTV™
services, such as at night. This mode is useful for certain
types of transcoding which are not mandatory.

1. Transcoding for Bugs and Quirks

One characteristic of some prior art Web browsers is that
they may experience failures ("crashes") because of bugs or
quirks that are present in a Web
document. Alternatively, quirks in a document may cause an
undesirable result, even though the client does not crash.
Therefore, the transcoding feature of the present invention
provides a means for correcting certain bugs and quirks in a
Web document. To be corrected by the transcoder 66, bugs
and quirks must be identifiable by software running on the
server 5. Consequently, the transcoder 66 will generally only
correct conditions which have been previously discovered,
[...] Once a bug or quirk is discovered, however, algorithms are
[...] to the transcoder 66 to both detect the bug or quirk [...]
in Web documents and to automatically correct it.

There are countless possibilities of bugs or quirks which
might be encountered in a Web document. Therefore, no
attempt will be made herein to provide an exhaustive list.
Nonetheless, some examples may be useful at this point.
Consider, for example, an HTML document that is
downloaded from a remote server 4 and which contains a table
having a width specified in the document as "0." This
condition might cause a failure if the client were to attempt
to display the document as written. This situation therefore,
can be detected and corrected by the transcoder 66. Another
example is a quirk in the document which causes quotations
to be terminated with too many quotation marks. Once the
quirk is first detected and an algorithm is written to
recognize it, the transcoder 66 can automatically correct the quirk
in any document.

If a given Web document has previously been retrieved by
the server 5, there will be information regarding that
document available in the document database 61 as described
above. The information regarding this document will
include whether or not the document included any bugs or
quirks that required transcoding when the document was
previously retrieved. The transcoder 66 utilizes this
information to determine whether (1) the document is free of
bugs and quirks, (2) the document has bugs or quirks which
can be remedied by transcoding on the fly, or (3) the
document has bugs or quirks which cannot be corrected on
the fly (i.e., buffering is required).

FIG. 6 illustrates a routine for transcoding a Web
document for purposes of eliminating bugs and quirks. Initially,
the server 5 receives a document request from the client 1
(step 601). Next, the document database 61 is accessed to
determine whether or not the requested document has been
previously retrieved (step 602). If the document has not been
previously retrieved, then the server 5 retrieves the
document from the remote server 4 (step 609). Next, the retrieved
document is analyzed for the presence of bugs or unusual
conditions (step 610). Various diagnostic information is then
stored in the document database 61 as a result of the analysis
to note any bugs or quirks that were found (step 611). If any
bugs or quirks were found which can be corrected by the
transcoder 66, the document is then transcoded and saved to
the proxy cache 65 (step 612). The transcoded document is
then downloaded to the client 1 (step 613). It should be noted
that transcoding can be deferred until after the document has
been downloaded, as described above; hence, the sequence
of FIG. 6 is illustrative only.

If (in step 602) the requested document had been
previously retrieved, then it is determined whether the requested
document is still valid (step 603) and whether the document
is present in the proxy cache 65 (step 604). If the document
is no longer valid, then the document is retrieved from the
remote server 4, analyzed for bugs and quirks, transcoded as
required, and then downloaded to the client 1 as described
above (steps 609-613). Methods for determining validity of
a document are discussed below. If the document is still
valid (step 603) and the document is present in the cache 65,
the document is downloaded to the client 1 in its current
form (as it is stored in the cache), since it has already been
transcoded (step 608).

The document, however, may be valid but not present in
the cache. This may be the case, for example, if the
document has not been requested recently and the cache 65 has
become too full to retain the requested document. In that
case, the document is retrieved again from the remote server
4 (step 605) and then transcoded on the basis of the
previously-acquired diagnostic information stored within
the database 61 for that document. The document is then
saved to the cache 65 (step 606). Note that because the
document is still valid, it is assumed that the diagnostic

Another alternative basis for the validity of a document is
the observed rate of change of the document. Again, data in
the persistent document database 61 can be used. That is,
because the document database 61 stores the date and time
on which the document was last observed to change, the
server 5 can approximate how often the document actually
changes. A document or image which is observed to change
frequently (e.g., a weather map or a news page) can be
assigned a relatively short period of validity. It will be
recognized that numerous other ways of determining
validity are possible.

2. Transcoding to Reduce Latency

Another purpose for transcoding is to allow documents
requested by a client 1 to be displayed by the client 1 more
rapidly. Many HTML documents contain references to
"in-line" images, or images that will be displayed in text in a
Web page. The normal process used in the prior art to
display a Web page having in-line images is that the HTML
document referencing the image is first downloaded to the
client, followed by the client's requesting the referenced
image. The referenced image is then retrieved from the
remote server on which it is located and downloaded to the
client. One problem associated with the prior art, however,
is that the speed with which a complete Web page can be
displayed to the user is often limited by the time it takes to
retrieve in-line images. One reason for this is that it simply
takes time to retrieve the image itself after the referencing
document has been retrieved. Another reason is that, in the
prior art, if the referencing document does not specify the
size of the image, the Web page generally cannot be
displayed until the image itself has been retrieved. The present
invention overcomes these limitations.

According to the present invention, information stored in
the document database 61 regarding the in-line images is
used to transcode the referencing document in order to
reduce latency in displaying the Web page. Once any
document which references an in-line image is initially retrieved
by the server 5, the fact that the document references an
in-line image is stored in the document database 61. In
addition, the size of the image is determined, either from the
document (if specified) or from the image itself, and then
stored in the document database 61. Consequently, for
documents which do not specify the size of their in-line
images, the size information stored in the database 61 is then
used the next time the document is requested in order to

information stored in the document database 61 for that reduce latericy ro downloading and displaying the Web page, 

document is still valid and that the transcoding can be Refer now to FIG. 7, which illustrates a routine for 

performed on the basis of that information. Accordingly, reducing latency when downloading a document referencing 

once the document is transcoded, the transcoded document an image to a client 1. Assume that a client 1 sends a request 

is downloaded to the client 1 (step 607). Again, note that 50 to the server 5 for an HTML document containing a refer- 

transcoding can be deferred until after the document has ence to an in-line image. Assume further that the size of the 

been downloaded in some cases. image is not specified in the document itself Initially, the 

The validity of the requested document can be determined server 5 determines whether that document has been preyi- 

based on various different criteria. For example, some ously retrieved (step 701). If not, the standard initial 

HTML documents specify a date on which the document 55 retrieval and transcoding procedure is followed (step 706), 

was created, a length of time for which the document will be as described in connection with FIG. 6. If, however, the 

valid, or both. The validity determination can be based upon document has been previously retrieved, then the transcoder 

such information. For example, a document which specifies 66 accesses the size information stored in the document 

only the date of creation can be automatically deemed database 61 for the in-line image (step 702). Based on this 

invalid after a predetermined period of time has passed. 60 size information, the HTML document is transcoded such 

Alternatively, validity can be based upon the popularity of that, when the Web page is initially displayed by the client 

the requested document. "Popularity" can be quantified 1, the area in which the image belongs is replaced by a blank 

based upon the number of hits for that document, which is region enveloping the shape of the image (step 703). Thus, 

tracked in the document database 61. For example, it might any in-line image referenced by a document is displayed 
be prudent to simply assign a relatively short period of 65 initially as a blank region. Consequently, the client 1 can 

validity to a document which is very popular and a longer immediately display the Web page corresponding to the 

period of validity to a document which is less popular. HTML document even before the referenced image has been 
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retrieved or downloaded (i.e., even before the size of the 
image is known to the client 1). 

As the transcoded HTML document is downloaded to the 
client, the image is retrieved from the appropriate remote 
server 4 (step 704). Once the image is retrieved from the 
remote server 4 and downloaded to the client 1, the client 1 
replaces the blank area in the Web page with the actual 
image (step 705). 

3. Transcoding to Display Web Pages on a Television

As noted above, the client 1 utilizes an ordinary television
set 12 as a display device. However, images in Web pages
are generally formatted for display on a computer monitor,
not a television set. Consequently, the transcoding function
of the present invention is used to resize images for display
on the television set 12. This includes rescaling images as
necessary to avoid truncation when displayed on the
television set 12.

It should be noted that prior art Web browsers which 
operate on computer monitors typically use resizable win- 
dows. Hence, the size of the visible region varies from client 
to client. However, because the web browser used by the 
WebTV™ client 1 is specifically designed for display on a 
television set, the present invention allows documents and 
images to be formatted when they are cached. 

4. Transcoding for Transmission Efficiency

Documents retrieved by the server 5 are also transcoded
to improve transmission efficiency. In particular, documents
can be transcoded in order to reduce high frequency
components in order to reduce interlace flicker when they are
displayed on a television set. Various methods for coding
software or hardware to reduce perceptual interlace flicker
are described in co-pending U.S. patent application Ser. No.
08/656,923, filed on Jun. 3, 1996, now U.S. Pat. No. 5,862,220.

Documents can also be transcoded in order to lower the 
resolution of the displayed Web page. Reducing the resolu- 
tion is desirable, because images formatted for computer 
systems will generally have a higher resolution than the 
NTSC (National Television Standards Committee) video 
format used by conventional television sets. Since the NTSC 
video does not have the bandwidth to reproduce the reso- 
lution of computer-formatted images, the bandwidth con- 
sumed in transmitting images to the client 1 at such a high 
resolution would be wasted. 

5. Other Uses for Transcoding 

Transcoding is also used by the present invention to 
recode a document using new formats into older, compatible 
formats. Images are often displayed in the JPEG (Joint 
Picture Experts Group) format or the GIF image format.
JPEG often consumes less bandwidth than GIF, however. 
Consequently, images which are retrieved in GIF format are 
sometimes transcoded into JPEG format. Methods for gen- 
erally converting images between GIF and JPEG formats are 
well known. 

Other uses for transcoding include transcoding audio files. 
For example, audio may be transcoded into different formats 
in order to achieve a desired balance between memory 
usage, sound quality, and data transfer rate. In addition, 
audio may be transcoded from a file format (e.g., an ".AU" 
file) to a streaming format (e.g., MPEG 1 audio). Yet another 
use of audio transcoding is the transcoding of MIDI 
(Musical Instrument Digital Interface) data to streaming 
variants of MIDI. 

Additionally, documents or images requiring a large 
amount of memory (e.g., long lists) can be transcoded in 
order to consume less memory space in the client 1. This 
may involve, for example, separating a large document or 
image into multiple sections. For example, the server 5 can
insert tags at appropriate locations in the original document 
so that the document appears to the client 1 as multiple Web 
pages. Hence, while viewing a given page representing a 
portion of the original document, the user can view the next
page (i.e., the next portion of the original document) by 
activating a button on the screen as if it were an ordinary 
hypertext anchor. 

C. Proxying

As noted above, the server 5 functions as a proxy on 
behalf of the client 1 for purposes of accessing the Web. The 
document database 61 is used in various ways to facilitate 
this proxy role, as will now be described. 

1. Updating Cached Documents 

It is desirable to store frequently-requested HTML documents
and images in the proxy cache 65 to further reduce
latency in providing Web pages to the client 1. However,
because some documents and images change over time,
documents in the cache 65 will not be valid indefinitely, as
mentioned above. A weather map or a news-related Web
page, for example, are likely to be updated quite frequently.
Consequently, it is desirable for the server 5 to have the
ability to estimate the frequency with which documents
change, in order to determine how long a document can
safely remain within the proxy cache 65 without being
updated.

The persistent database 65 is used to store the date and 
time of the last several fetches of each document and image 
retrieved from a remote server 4, along with an indication of 
any changes that were detected, if any. A document or image 
which has been stored in the cache 65 is then retrieved on a
periodic basis to determine if it has been changed. Change
status information indicating whether the document has
changed since the previous fetch is then stored in the
document database 61. If no changes are detected, then the
time interval between fetches of this document is increased.
If the document has changed, the time interval is maintained
or decreased. As a result, items in the cache 65 which change 
frequently will be automatically updated at frequent 
intervals, whereas documents which do not change often 
will be replaced in the cache less frequently. 

FIG. 8 illustrates a routine for updating documents stored
in the proxy cache 65 using data stored in the document
database 61. Assume a document X has been stored in the
proxy cache 65. Document X remains in the cache 65 until
a predetermined update period T1 expires (step 801). Upon
the expiration of the update period T1, the document X is
again retrieved from the appropriate remote server 4 (step
802). The newly-retrieved document X is then compared to
the cached version of document X (step 803). If the document
has changed, then the cached version of document X
is replaced with the newly-retrieved version of document X
(step 806). If not, then the update period T1 is increased
according to a predetermined time increment Δt1 (step 804).
In any case, the date and time and the change status of
document X is saved to the document database 61 (step
805).
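The FIG. 8 routine as an added Python sketch (not code from the patent). The function and field names, the simulated remote server and the halving used for the "decreased" case are assumptions; the page only says the interval is maintained or decreased when a change is seen.

```python
from dataclasses import dataclass, field


@dataclass
class CachedDoc:
    body: str
    period: int        # update period T1, in seconds
    next_check: int    # time at which T1 expires
    history: list = field(default_factory=list)  # (time, changed) records


def revalidate(doc, fetch, now, increment, shrink=False, min_period=60):
    """One pass of the FIG. 8 routine.

    Returns None if T1 has not expired yet, otherwise True/False for
    "the document changed since the previous fetch".
    """
    if now < doc.next_check:                 # step 801: T1 not expired
        return None
    fresh = fetch(now)                       # step 802: fetch from remote server
    changed = fresh != doc.body              # step 803: compare with cached copy
    if changed:
        doc.body = fresh                     # step 806: replace cached version
        if shrink:                           # assumed policy for "decreased"
            doc.period = max(min_period, doc.period // 2)
    else:
        doc.period += increment              # step 804: T1 += increment
    doc.history.append((now, changed))       # step 805: record time and status
    doc.next_check = now + doc.period
    return changed


def origin(now):
    """Constructed remote server: the content changes once, at t=3000."""
    return "v1" if now < 3000 else "v2"


def simulate(shrink, horizon=7200, period=600, increment=300):
    """Run the routine against the constructed origin until the horizon."""
    doc = CachedDoc(body=origin(0), period=period, next_check=period)
    while doc.next_check <= horizon:
        revalidate(doc, origin, doc.next_check, increment, shrink)
    return doc


if __name__ == "__main__":
    for policy in (False, True):
        result = simulate(shrink=policy)
        print("shrink" if policy else "maintain", result.history, result.period)
```

In this run the origin changes at t=3000 but the cache serves the old copy until the check at t=4200, which is the staleness window that a growing T1 trades for fewer fetches.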

2. Document and Image Prefetching 

The document database 61 is also used by the server 5 to 
store prefetching information relating to documents and 
images. In particular, the database stores, for each document
that has been retrieved, a list of images referenced by the
document, if any, and their locations. Consequently, the next
time a document is requested by a client 1, the images can
be immediately retrieved by the server 5 (from the cache 65,
if available, or from the remote server 4), even before the
client 1 requests them. This procedure improves the speed
with which requested Web pages are downloaded to the 
client. 



US 6,505,232 B1

The document database 61 is also used to facilitate a process referred to as "server-advised client prefetching." Server-advised client prefetching allows the server 5 to inform the client 1 of documents or images which are popular to allow the client 1 to perform the prefetching. In particular, for any given document, a list is maintained in the server 5 of the most popular hypertext anchors in that document (i.e., those which have previously received a large number of hits). When that document is requested by the client 1, the server 5 provides the client 1 with an indication of these popular links.

3. Redirects

Web pages are sometimes forwarded from the remote server on which they are initially placed to a different location. Under the HTTP (Hypertext Transport Protocol), such forwarding is sometimes referred to as a "redirect." When an HTML document is initially stored on one remote server and then later transferred to another remote server, the first remote server will provide, in response to a request for that document, an indication that the document has been transferred to a new remote server. This indication generally includes a forwarding address ("redirect address"), which is generally a URL.

In the prior art, when a computer requesting a Web page receives a redirect, it must then submit a new request to the redirect address. Having to submit a second request and wait for a second response consumes time and increases overall latency. Consequently, the present invention uses the document database 61 to store any redirect address for each document or image. Any time a redirected document is requested, the server 5 automatically accesses the redirect address to retrieve the document. The document or image is provided to the client 1 based on only a single request from the client 1. The change in location of the redirected document or image remains completely transparent to the client 1.

FIG. 9 illustrates a routine performed by the server 5 in accessing documents which may have been forwarded to a new remote server. Initially, the server 5 receives a request for a document, which generally includes an address (step 901). The server 5 then accesses the document database 61 to determine whether there is a redirect address for the requested document (step 902). If there is no redirect address, then the server 5 accesses a remote server 4 based on the address provided in the document request from the client 1 (step 903). Assuming that the remote server 4 does not respond to the server 5 with a redirect (step 904), the document is retrieved and downloaded to the client 1 by the server 5 (step 907). If, however, a redirect address was stored in the document database 61 (step 902), then the server 5 accesses the requested document according to the redirect address (step 906). Or, if the remote server 4 responded with a redirect (step 904), then the server 5 saves the redirect address to the document database 61 (step 905) and accesses the requested document according to the redirect address (step 906).

4. Other Proxy Functions

The document database 61 also stores information relating to the performance of each remote server 4 from which a document is retrieved. This information includes the latency and throughput of the remote server 4. Such information can be valuable in instances where a remote server 4 has a history of responding slowly. For example, when the document is requested, this knowledge can be used by the server 5 to provide a predefined signal to the client 1. The client 1 can, in response to the signal, indicate to the user that a delay is likely and give the user the option of canceling the request.

5. Backoff Mode

Although the server 5 generally operates in the proxy mode, it can also enter a "backoff mode" in which the server 5 does not act as a proxy, or the server 5 performs only certain aspects of the normal proxying functions. For example, if the proxy cache 65 is overloaded, then the server 5 can enter a backoff mode in which documents are not cached but are transcoded as required. Alternatively, during times when the server 5 is severely overloaded with network traffic, the server 5 may instruct the client 1 to bypass the server 5 and contact remote servers 4 directly for a specified time or until further notice. Or, the server 5 can enter a flexible backoff mode [...] to contact a remote server 4 directly only for certain Web [...] for a [...]

D. Access to WebTV™ Services

The WebTV™ server 5 provides various services to the client 1, such as proxying and electronic mail ("e-mail"). In the prior art, certain difficulties are associated with allowing a client computer access to different services of an Internet service, as will now be explained with reference to FIG. 10. FIG. 10 illustrates a client-server system according to one prior art embodiment. The server 76 provides various services A, B, and C. The server 76 includes a database 71 for storing information on the user's access privileges to services A, B, and C. The client 75 of the embodiment of FIG. 10 accesses any of services A, B, and C by contacting that service directly. The contacted service then accesses the database 71, which stores the access privileges of the client 75, to determine whether the client 75 should be allowed to access that service. Hence, each service provided by the server 76 requires direct access to the database 71. This architecture results in a large number of accesses being made to the database 71, which is undesirable. In addition, the fact that each service independently has access to the database 71 raises security concerns. Specifically, it can be difficult to isolate sensitive user information. The present invention overcomes such difficulties using a technique which is now described.

1. Tickets Containing Privileges And Capabilities

As shown in FIG. 11, the server 5 provides a number of services D, E, and F 77, 79, and 80, respectively, and a log-in service 78. The log-in service 78 is used specifically to control initial log-on procedures by a client 1. The log-in service 78 has exclusive access to the user database 62 (discussed above with respect to FIG. 4B). The log-in service 78 and the user database 62 are located within a first security zone 84. Service D is located within a second security zone 86, while services E and F are contained within a third security zone 88. Note that the specific arrangement of security zones 84, 86, and 88 with respect to services D, E, and F is illustrative only.

The user database 62 of the present invention stores various information pertaining to each authorized user of a client 1. This information includes account information, a list of the WebTV™ services that are available to the particular user, and certain user preferences. For example, a particular user may not wish his client 1 to be used to access Web pages having adult-oriented subject matter. Consequently, the user would request that his account be filtered to prevent access to such material. This request would then be stored as part of the user data in the user database 62.

With regard to user preferences, the hypertext links selected by a given user can be tracked, and those having the largest number can be stored in the user database 62. The list can then be provided to the client 1 for use in generating a
menu screen of the user's favorite Web sites, to allow the user to directly access those Web sites. The list can also be used by the server 5 to analyze the user's interests and to formulate and provide to the user a list of new Web sites which the user is likely to be interested in. The list might be composed by associating key words in Web pages selected by the user with other Web pages.

Referring again to FIG. 11, in response to a log-on request by a client 1, the log-in service 78 consults the user database 62 to determine if access to the server 5 by this particular client 1 is authorized. Assuming access is authorized, the log-in service 78 retrieves certain user information pertaining to this particular client 1 from the user database 62. The log-in service then generates a ticket 82, which is an information packet including the retrieved information. The ticket 82 is then provided to the client 1 which requested access.

The ticket 82 includes all information necessary to describe the access privileges of a particular user with respect to all services provided by the server 5. For example, the ticket may include the user name registered to the client 1, the e-mail address assigned to client 1, and any filtering requested by the user with respect to viewing Web sites. Each time the user requests access to one of the services D, E, or F, the client 1 submits a copy of the ticket 82 to that service. The requested service can then determine from the copy of the ticket 82 whether access to that service by that client 1 is authorized and, if so, any important information relating to such access.

None of the services provided by the server 5, other than the log-in service 78, has access to the user database 62. Hence, any security-sensitive information can be isolated within the user database 62 and the log-in service 78. Such isolation allows the individual services provided by the server 5 to be placed within separate "firewalls" (security regions), illustrated as security zones 84, 86, and 88. In addition, this technique greatly reduces the number of accesses required to the user database 62 compared to the prior art embodiment illustrated in FIG. 10.

2. Redundancy of Services and Load Balancing

The present invention also includes certain redundancies in the various services provided by the server 5. In particular, a given service (e.g., e-mail) can be provided by more than one physical or logical device. Each such device is considered a "provider" of that service. If a given provider is overloaded, or if the client 1 is unable to contact that provider, the client 1 can contact any of the other providers of that service. When the server 5 receives a log-in request from a client 1, in addition to generating the above-described ticket 82, the log-in service 78 dynamically generates a list of available WebTV™ services and provides this list to the client 1.

The server 5 can update the list of services used by any client 1 to reflect services becoming unavailable or services coming on-line. Also, the list of services provided to each client 1 can be updated by the server 5 based upon changes in the loading of the server 5, in order to optimize traffic on the server 5. In addition, a client's list of services can be updated by services other than the log-in service 78, such that one service can effectively introduce another service to the client 1. For example, the e-mail service may provide a client 1 with the name, port number and IP of its address book service. Thus, one service can effectively, and securely within the same chain of trust, introduce another service to the client 1.

This list of services includes the name of each service, a port number for the provider of each service, and an IP (Internet Protocol) for each service. Different providers of the same service are designated by the same name, but different port numbers and/or IPs. Note that in a standard URL, the protocol is normally specified at the beginning of the URL, such as "HTTP://www. ..." under the HTTP protocol. However, according to the present invention, the normal protocol designation (i.e., "HTTP") in the URL is replaced with the name of the service, since the port number and IP for each [...] to the client 1. Hence, the client 1 can access any of the [...] providers of a given service using the same URL. This procedure effectively adds a level of indirection to all accesses made to the WebTV™ [...] automatically adds redundancy to the proxy [...] be noted that service names can refer to the same service.

Assume, for example, that the e-mail service provided by the WebTV™ system is designated by the service name "WTV-mailto"; a client 1 can access any provider of this email service using the same URL. The client 1 merely chooses the appropriate port number and IP number to distinguish between providers. If the client 1 is unable to connect to one e-mail provider, it can simply contact the next one in the list.

At log-in, a client 1 is provided with both a ticket containing privileges and capabilities as well as a list of service providers, as illustrated in FIG. 12. Initially, the log-in service 78 determines whether the user of client 1 is a valid user (step 1201). If not, log-in is denied (step 1205). If the user is a valid user, then the log-in service 78 gathers user information from the user database 62 and generates a ticket 82 (step 1202). The log-in service 78 also generates the above-described list of services (step 1203). The ticket 82 and the list of services are then downloaded to the client 1 (step 1204).

Asynchronous Notification to Clients by Server

Another limitation associated with prior art Internet servers is the inability to provide asynchronous notification information to the client in the absence of a request from the client to do so. It would be desirable, for example, for a server to notify a client on its own initiative when a particular Web page has changed or that a particular service is inaccessible. The server 5 of the present invention provides such capability, and the client 1 is configured to receive and decode such notifications. For example, the client 1 can receive updates of its listing of service providers from the server 5 at various points in time as already described. Similarly, if a particular service provider becomes unavailable, that fact will be automatically communicated to the client 1. As another example, if e-mail addressed to the user has been received by the server 5, then the server 5 will send a message to the client 1 indicating this fact. The client 1 will then notify the user that e-mail is waiting by a message displayed on the television set 12 or by an LED (light emitting diode) built into the housing of WebTV™ box 10.

Thus, a method and apparatus have been described for providing electronic tickets having access privileges for improved security. The present invention may be embodied in other specific forms without departing from its spirit or essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.
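The ticket flow of FIG. 11 and FIG. 12 as an added Python sketch (not code from the patent). The description does not say how a service knows that a ticket handed back by the client is unmodified, so this example assumes an HMAC-SHA256 tag under a key shared by the log-in service and the other services, plus an expiry time; the key, field names, lifetime and sample user are all assumptions.

```python
import base64
import hashlib
import hmac
import json
import time

# Assumption: log-in service and the other services share this key out of band.
TICKET_KEY = b"constructed-demo-key-not-for-production"
TICKET_LIFETIME = 3600  # seconds; assumed, the page gives no lifetime

# Constructed stand-in for user database 62; only login() ever reads it.
USER_DB = {
    "alice": {"email": "alice@example.test",
              "services": ["mail", "proxy"],
              "filter_adult": True},
}
DB_READS = {"count": 0}  # shows how often the user database is touched


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def login(user, now=None):
    """Log-in service: one database read, then issue a signed ticket."""
    DB_READS["count"] += 1
    record = USER_DB.get(user)
    if record is None:
        return None  # log-in denied (step 1205)
    now = time.time() if now is None else now
    claims = {"user": user,
              "email": record["email"],
              "services": record["services"],
              "filter_adult": record["filter_adult"],
              "exp": int(now) + TICKET_LIFETIME}
    body = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(TICKET_KEY, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)


def authorize(ticket, service, now=None):
    """Any other service: decide from the presented ticket alone.

    Returns the ticket's claims if access is allowed, otherwise None.
    The user database is never consulted here.
    """
    try:
        body_b64, tag_b64 = ticket.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except (ValueError, AttributeError):
        return None  # malformed ticket
    expected = hmac.new(TICKET_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # body was altered after the log-in service signed it
    claims = json.loads(body)
    now = time.time() if now is None else now
    if now >= claims["exp"]:
        return None  # expired: privileges may have changed since log-in
    if service not in claims["services"]:
        return None  # user has no privilege for this service
    return claims


if __name__ == "__main__":
    t = login("alice")
    print("mail :", authorize(t, "mail") is not None)
    print("other:", authorize(t, "addressbook") is not None)
    print("database reads:", DB_READS["count"])
```

Because the privileges travel with the client, a change in the user database only takes effect when the ticket is reissued, which is why the sketch bounds ticket lifetime.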






What is claimed and desired to be secured by United 
States letters patent is: 

1. In server coupled to a client, the client having an
authorized user, wherein the server provides the client with
a plurality of on-line services including a log-in service and
at least one other service, the server including a user
database, a method of controlling access by the client to the
plurality of on-line services, the method comprising the
steps of:

storing in the user database a set of user data corresponding
to the authorized user;

receiving at the log-in service a first access request for
initiating access to the server by the client;

generating at the log-in service and transmitting to the
client from the log-in service an information packet
from the set of user data, the information packet
indicating access privileges of the authorized user in
relation to the plurality of on-line services;

receiving at the at least one other service a second access
request for requesting use of the at least one other
service by the client, the second access request including
a copy of the information packet; and

regulating access by the client to the at least one other
service by using the copy of the information packet and
without requiring the at least one other service to access
the user database.

2. A method according to claim 1, wherein the log-in 
service and the user database reside in a common security 
zone. 

3. A method according to claim 2, wherein the log-in
service is the only service to reside in the common security
zone with the user database.

4. A method according to claim 2, wherein the common
security zone is a first security zone, wherein the at least one
other service resides in a second security zone different than
the first security zone.

5. A method according to claim 1, wherein the user 
database contains data indicating whether the user is autho- 
rized to access the user database. 

6. A method according to claim 1, wherein the information
packet contains data representing a name identifying the
user.

7. A method according to claim 1, wherein the information
packet contains data representing an e-mail address of
the user.

8. A method according to claim 1, wherein the plurality of 
on-line services comprise Internet services. 

9. A method according to claim 1, wherein the at least one
other service comprises a proxy service by which the server
functions as a proxy on behalf of the client for purposes of
accessing a second server.

10. A computer program product for implementing, in
server coupled to a client, the client having an authorized
user, wherein the server provides the client with a plurality
of on-line services including a log-in service and at least one
other service, the server including a user database, a method
of controlling access by the client to the plurality of on-line
services, the computer program product comprising a
computer-readable medium carrying computer-executable
instructions for causing the server to perform acts of the
method, said acts comprising:

storing in the user database a set of user data corresponding
to the authorized user;

receiving at the log-in service a first access request for
initiating access to the server by the client;

generating at the log-in service and transmitting to the
client from the log-in service an information packet
from the set of user data, the information packet
indicating access privileges of the authorized user in
relation to the plurality of on-line services;

receiving at the at least one other service a second access 
request for requesting use of the at least one other 
service by the client, the second access request includ- 
ing a copy of the information packet; and 

regulating access by the client to the at least one other 
service by using the copy of the information packet and 
without requiring the at least one other service to access 
the user database. 

11. A computer program product according to claim 10, 
wherein the log-in service and the user database reside in a 
common security zone. 

12. A computer program product according to claim 11, 
wherein the log-in service is the only service to reside in the 
common security zone with the user database. 

13. A computer program product according to claim 11, 
wherein the common security zone is a first security zone, 
wherein the at least one other service resides in a second 
security zone different than the first security zone. 

14. A computer program product according to claim 10, 
wherein the at least one other service comprises a proxy 
service by which the server functions as a proxy on behalf 
of the client for purposes of accessing a second server. 

15. A computer program product according to claim 10, 
wherein: 

the act of generating further comprises generating at the 
log-in service and transmitting to the client from the 
log-in service a list of the plurality of services provided 
by the server; and 

the second access request includes a service name corresponding 
to the at least one other service, the service 
name being selected from the list of the plurality of 
services. 
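
The flow recited in claims 10 to 15, as an added example (not code from the patent): the log-in service reads the user database once and issues a ticket, and another service regulates access from the returned copy alone. The HMAC tag, the expiry field, the shared key and every name here are assumptions of this sketch; the claims above do not say how the packet is protected while it is held by the client.

```python
import base64, hashlib, hmac, json, time

TICKET_KEY = b"constructed-demo-key"   # assumption: shared by log-in and other services
USER_DB = {"alice": {"privileges": ["mail", "proxy"]}}   # constructed sample record
STATS = {"db_reads": 0}                # counts direct user-database accesses

def _mac(body: bytes) -> bytes:
    return hmac.new(TICKET_KEY, body, hashlib.sha256).digest()

def _enc(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode()

def issue_ticket(user, now=None, ttl=900):
    """Log-in service: the only code path that reads USER_DB.
    Assumes the log-in request was already validated."""
    STATS["db_reads"] += 1
    record = USER_DB[user]
    now = time.time() if now is None else now
    body = json.dumps({"user": user, "privileges": record["privileges"],
                       "exp": int(now) + ttl}, sort_keys=True).encode()
    return _enc(body) + "." + _enc(_mac(body))

def authorize(ticket, service, now=None):
    """Other service: decides from the ticket copy alone, no USER_DB lookup."""
    try:
        body_b64, tag_b64 = ticket.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:                 # wrong shape or bad base64
        return False
    if not hmac.compare_digest(tag, _mac(body)):
        return False                   # altered or forged by the client
    claims = json.loads(body)
    now = time.time() if now is None else now
    return now < claims["exp"] and service in claims["privileges"]

if __name__ == "__main__":
    t = issue_ticket("alice")
    print(authorize(t, "mail"), authorize(t, "billing"), STATS)
```

Because the privileges travel through the client, the receiving service verifies the tag before it reads any field; a ticket whose privilege list was edited in transit fails that check.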

16. In a networked computer system that includes a server 
system having a plurality of remote servers and a plurality 
of proxy servers, and a plurality of client systems, all of 
which are logically interconnected so that the client systems 
can access informational content stored at the one or more 
remote servers, and wherein at least one client system 
comprises a graphical user interface by which the network 
can be accessed and browsed using a display, a method of 
increasing security of user database information retained by 
the server system by reducing the number of direct accesses 
of such user database information when accessing requested 
services provided by the server system, comprising steps 
for: 

at one of the servers of the server system, determining the 
validity of a log-in request received from a client 
system; 

as part of a log-in service, obtaining at the server which 
received the log-in request, access to a user database 
and preparing an information packet that includes 
access privileges in relation to other services available 
in the server system; 

downloading to the client system the prepared information 
packet; and 

thereafter, for any other service for which access is 
requested by the client system, the server at which said 
any other service request is received regulating access 
to the requested service based on a copy of the information 
packet submitted with the client system request, 
whereby access to the user database is limited to the 
initial log-in service. 

17. A method as recited in claim 16, wherein the information 
packet includes at least one of (i) a user name, (ii) a 
user email address, and (iii) a user preference. 




18. A method as recited in claim 17, wherein the user 
preferences include any filtering requested by a user with 
respect to viewing Web sites. 

19. A method as recited in claim 16, wherein the other 
services available in the server system comprise at least one 
of an email service and a proxy service. 

20. A method as recited in claim 16, wherein the log-in 
service and the user database reside in a common security 
zone that is separate from one or more other security zones 
containing other services available in the server system. 

21. In a networked computer system that includes a server 
system having a plurality of remote servers and a plurality 
of proxy servers, and a plurality of client systems, all of 
which are logically interconnected so that the client systems 
can access informational content stored at the one or more 
remote servers, and wherein at least one client system 
comprises a graphical user interface by which the network 
can be accessed and browsed using a display, a computer 
program product for implementing a method of increasing 
security of user database information retained by the server 
system by reducing the number of direct accesses of such 
user database information when accessing requested services 
provided by the server system, comprising a computer 
readable medium for storing executable instructions for 
implementing the method, and wherein the method is comprised 
of steps for: 

at one of the servers of the server system, determining the 
validity of a log-in request received from a client 
system; 

as part of a log-in service, obtaining at the server which 
received the log-in request, access to a user database 
and preparing an information packet that includes 
access privileges in relation to other services available 
in the server system; 

downloading to the client system the prepared information 
packet; and 

thereafter, for any other service for which access is 
requested by the client system, the server at which said 
any other service request is received regulating access 
to the requested service based on a copy of the information 
packet submitted with the client system request, 
whereby access to the user database is limited to the 
initial log-in service. 

22. A computer program product as recited in claim 21, 
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user name, (ii) a user email address, and (iii) a user preference. 

23. A computer program product as recited in claim 22, 
wherein the user preferences include any filtering requested 
by a user with respect to viewing Web sites. 

24. A computer program product as recited in claim 21, 
wherein the other services available in the server system 
comprise at least one of an email service and a proxy service. 

25. A computer program product as recited in claim 21, 
wherein the log-in service and the user database reside in a 
common security zone that is separate from one or more 
other security zones containing other services available in 
the server system. 

26. In a networked computer system that includes a server 
system having a plurality of remote servers, and a plurality 
of client systems, all of which are logically interconnected 
so that the client systems can access informational content 
stored at the one or more remote servers, and wherein at least 
one client system comprises a graphical user interface by 
which the network can be accessed and browsed using a 
display, a method of increasing security of user database 
information retained by the server system by reducing the 
number of direct accesses of such user database information 
when accessing requested services provided by the server 
system, comprising acts of: 

receiving at one of the servers of the server system a 
log-in request from a client system; 

as part of a log-in service, retrieving user information 
from a user database and generating an information 
packet from the user information that includes access 
privileges in relation to other services available in the 
server system; 

sending the information packet to the client system; and 

thereafter, for any other service for which access is 
requested by the client system, the server at which said 
any other service request is received resorting to the 
information packet rather than the user database to 
regulate access to the requested service, so as to limit 
direct access to the user database to the initial log-in 
service. 

27. A method as recited in claim 26, wherein the information 
packet includes at least one of (i) a user name, (ii) a 
user email address, and (iii) a user preference. 

28. A method as recited in claim 27, wherein the user 
preferences include any filtering requested by a user with 
respect to viewing Web sites. 

29. A method as recited in claim 26, wherein the other 
services available in the server system comprise at least one 
of an email service and a proxy service. 

30. A method as recited in claim 26, wherein the log-in 
service and the user database reside in a common security 
zone that is separate from one or more other security zones 
containing other services available in the server system. 

31. In a networked computer system that includes a server 
system having a plurality of remote servers, and a plurality 
of client systems, all of which are logically interconnected 
so that the client systems can access informational content 
stored at the one or more remote servers, and wherein at least 
one client system comprises a graphical user interface by 
which the network can be accessed and browsed using a 
display, a computer program product for implementing a 
method of increasing security of user database information 
retained by the server system by reducing the number of 
direct accesses of such user database information when 
accessing requested services provided by the server system, 
comprising a computer readable medium for storing executable 
instructions for implementing the method, and wherein 
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receiving at one of the servers of the server system a 
log-in request from a client system; 

as part of a log-in service, retrieving user information 
from a user database and generating an information 
packet from the user information that includes access 
privileges in relation to other services available in the 
server system; 

sending the information packet to the client system; and 

thereafter, for any other service for which access is 
requested by the client system, the server at which said 
any other service request is received resorting to the 
information packet rather than the user database to 
regulate access to the requested service, so as to limit 
direct access to the user database to the initial log-in 
service. 

32. A computer program product as recited in claim 31, 
wherein the information packet includes at least one of (i) a 
user name, (ii) a user email address, and (iii) a user preference. 

33. A computer program product as recited in claim 32, 
wherein the user preferences include any filtering requested 
by a user with respect to viewing Web sites. 

34. A computer program product as recited in claim 31, 
wherein the other services available in the server system 
comprise at least one of an email service and a proxy service. 

35. A computer program product as recited in claim 31, 
wherein the log-in service and the user database reside in a 
common security zone that is separate from one or more 
other security zones containing other services available in 
the server system. 

***** 
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